<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@page session="true"%>
<%@page language="java" contentType="text/html; charset=UTF-8"
	pageEncoding="UTF-8"%>
<html>
<head>
<title>${title}</title>
<script>
	function formSubmit() {
		document.getElementById("logoutForm").submit();
	}
</script>
</head>
<body>
	<h1>标题: ${title}</h1>
	<h1>消息 : ${message}</h1>
	这页面有密码保护，只有经过验证的用户才允许访问。
	

	 <c:url value="/j_spring_security_logout" var="logoutUrl" /> 

	<!-- 注销的表单 -->
	<form action="${logoutUrl}" method="post"
		id="logoutForm">
		<label>不应该显示的token:</label>
		<input type="text" name="${_csrf.parameterName}"
			value="${_csrf.token}" size=40/>
	</form>



	<c:if test="${pageContext.request.userPrincipal.name != null}">
		<h2>
			欢迎: ${pageContext.request.userPrincipal.name} | <a
				href="<c:url value="/logout" />"> 注销</a>
		</h2>
	</c:if>
</body>
</html>